Admin suite: monitoring dashboard, user management/ban, broadcast, reports, SMS test

- /Admin/Overview: platform monitoring stats (users by role, facilities, listings, applies, push subs, queue, reports, bans)
- /Admin/Users: search/filter + ban/unban (User.IsBanned + reason); banned users blocked at login
- /Admin/Broadcast: send announcement (in-app + web push) to all / staff / employers via NotificationService
- Reports: report button on shift/job detail → /report endpoint → /Admin/Reports (resolve/dismiss)
- Settings: 'send test SMS' button; admin cross-nav links; SMS API config already in place
- migration AdminBanReports; verified overview/users/broadcast/report persist

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

src/JobsMedical.Web/Pages/Admin/Users.cshtml.cs

@@ -0,0 +1,59 @@
+using JobsMedical.Web.Data;
+using JobsMedical.Web.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using Microsoft.EntityFrameworkCore;
+
+namespace JobsMedical.Web.Pages.Admin;
+
+[Authorize(Roles = "Admin")]
+public class UsersModel : PageModel
+{
+    private readonly AppDbContext _db;
+    public UsersModel(AppDbContext db) => _db = db;
+
+    public record Row(User User, int Facilities);
+    public List<Row> Users { get; private set; } = new();
+    [BindProperty(SupportsGet = true)] public string? Q { get; set; }
+    [BindProperty(SupportsGet = true)] public UserRole? RoleFilter { get; set; }
+
+    public async Task OnGetAsync()
+    {
+        IQueryable<User> q = _db.Users;
+        if (!string.IsNullOrWhiteSpace(Q))
+        {
+            var s = Q.Trim();
+            q = q.Where(u => u.Phone.Contains(s) || (u.FullName != null && u.FullName.Contains(s)));
+        }
+        if (RoleFilter is not null) q = q.Where(u => u.Role == RoleFilter);
+
+        var users = await q.OrderByDescending(u => u.CreatedAt).Take(300).ToListAsync();
+        var ids = users.Select(u => u.Id).ToList();
+        var facCounts = await _db.Facilities.Where(f => f.OwnerUserId != null && ids.Contains(f.OwnerUserId.Value))
+            .GroupBy(f => f.OwnerUserId!.Value).Select(g => new { g.Key, C = g.Count() })
+            .ToDictionaryAsync(x => x.Key, x => x.C);
+
+        Users = users.Select(u => new Row(u, facCounts.GetValueOrDefault(u.Id))).ToList();
+    }
+
+    public async Task<IActionResult> OnPostBanAsync(int id, string? reason)
+    {
+        var u = await _db.Users.FindAsync(id);
+        if (u is null) return NotFound();
+        if (u.Role == UserRole.Admin) { TempData["err"] = "نمی‌توان مدیر را مسدود کرد."; return RedirectToPage(new { Q, RoleFilter }); }
+        u.IsBanned = true;
+        u.BanReason = string.IsNullOrWhiteSpace(reason) ? "نقض قوانین" : reason.Trim();
+        await _db.SaveChangesAsync();
+        return RedirectToPage(new { Q, RoleFilter });
+    }
+
+    public async Task<IActionResult> OnPostUnbanAsync(int id)
+    {
+        var u = await _db.Users.FindAsync(id);
+        if (u is null) return NotFound();
+        u.IsBanned = false; u.BanReason = null;
+        await _db.SaveChangesAsync();
+        return RedirectToPage(new { Q, RoleFilter });
+    }
+}